π΅
π΅
π΅
π΅
HowToHunt
Searchβ¦
π΅
π΅
π΅
π΅
HowToHunt
HowToHunt.md
Account Takeover Methodology
Account Takeover Methodology
Application Level DoS
Application Level DoS Methods
Authentication Bypass
2FA Bypasses
OTP Bypass
Broken-Link Hijacking
Broken-Link Hijacking
Broken Auth And Session Management
Session Based Bugs
CMS
Wordpress
Moodle
CORS
CORS
CORS Bypasses
CSRF
CSRF
CSRF Bypass
Finding CVEs
CVES
CheckList
Web Application Pentesting Checklist
Web Checklist by Chintan Gurjar.pdf
Mindmap by Rohit Gautam
Mindmap by Cristian Cornea
Web Page Source Code Review
Web Page Code Review Tips
EXIF Geo Data Not Stripped
EXIF Geo Data Not Stripped
File Upload Bypass
File Upload Bypass
Find Origin IP
Find Origin
GraphQL
GraphQL
HTTP Desync Attack
HTTP_Desync
Host-Header Attack
Host-Header
HTML-Injection
HTML-Injection
IDOR
IDOR
JWT ATTACK
JWT
MFA Bypass
MFA Bypasses
2FA-Bypass
Misconfigurations
Default Credential And Admin Panel
OAuth
OAuth
Open Redirection
Find OpenRedirect Trick
Open Redirection Bypass
Parameter Pollution
Parameter Pollution In Social Sharing Buttons
Password Reset Functionality
MindMap
Password Reset Token Leakage
Account_Takeover_By_Password_Reset_Functionality
Rate Limit
Rate-Limit Bypass
Recon
Recon Workflow
Subdomain Enumeration
SQLi
SQL Injection.md
SSRF
SSRF
Blind SSRF
SSTI
SSTI
Sign Up Functionality
Sign Up Bugs
Sign Up MindMap
Sensitive Info Leaks
Github Recon Method
Github-Dorks
Github Dorks All
Google Dorks
Shodan CVE Dorks
Status Code Bypass
Status_Code_Bypass Tips
403 Bypass
Subdomain Takeover
Subdomain Takeover - Detail Method
Subdomain Takeover - Easy Method
Tabnabbing
Tabnabbing
WAF Bypasses
WAF Bypass Using Headers
Weak Password Policy
Weak Password Policy
XSS
XSS
Automated XSS
XXE
XXE Methods
Powered By
GitBook
Github-Dorks
GitHub Dork List :
GitHub Dorks for Finding Files
filename:manifest.xml
filename:travis.yml
filename:vim_settings.xml
filename:database
filename:prod.exs NOT prod.secret.exs
filename:prod.secret.exs
filename:.npmrc _auth
filename:.dockercfg auth
filename:WebServers.xml
filename:.bash_history
filename:sftp-config.json
filename:sftp.json path:.vscode
filename:secrets.yml password
filename:.esmtprc password
filename:passwd path:etc
filename:dbeaver-data-sources.xml
path:sites databases password
filename:config.php dbpasswd
filename:prod.secret.exs
filename:configuration.php JConfig password
filename:.sh_history
shodan_api_key language:python
filename:shadow path:etc
JEKYLL_GITHUB_TOKEN
filename:proftpdpasswd
filename:.pgpass
filename:idea14.key
filename:hub oauth_token
HEROKU_API_KEY language:json
HEROKU_API_KEY language:shell
SF_USERNAME salesforce
filename:.bash_profile aws
extension:json
api.forecast.io
β
filename:.env MAIL_HOST=
smtp.gmail.com
β
filename:wp-config.php
extension:sql mysql dump
filename:credentials aws_access_key_id
filename:id_rsa or filename:id_dsa
GitHub Dorks for Finding Languages
language:python username
language:php username
language:sql username
language:html password
language:perl password
language:shell username
language:java api
HOMEBREW_GITHUB_API_TOKEN language:shell
GiHub Dorks for Finding API Keys, Tokens and Passwords
api_key
βapi keysβ
authorization_bearer:
oauth
auth
authentication
client_secret
api_token:
βapi tokenβ
client_id
password
user_password
user_pass
passcode
client_secret
secret
password hash
OTP
user auth
GitHub Dorks for Finding Username
s
user:name (user:admin)
org:name (org:google type:users)
in:login ( in:login)
in:name ( in:name)
fullname:firstname lastname (fullname: )
in:email (data in:email)
GitHub Dorks for Finding Information using Dates
created:<2012β04β05
created:>=2011β06β12
created:2016β02β07 location:iceland
created:2011β04β06..2013β01β14 in:username
GitHub Dorks for Finding Information using Extension
extension:pem private
extension:ppk private
extension:sql mysql dump
extension:sql mysql dump password
extension:json [api.forecast.io] (
http://api.forecast.io/
)
extension:json [mongolab.com] (
http://mongolab.com/
)
extension:yaml [mongolab.com] (
http://mongolab.com/
)
[WFClient] Password= extension:ica
extension:avastlic β[support.avast.com] (
http://support.avast.com/)β
β
extension:json googleusercontent client_secret
Sensitive Info Leaks - Previous
Github Recon Method
Next - Sensitive Info Leaks
Github Dorks All
Last modified
1yr ago
Copy link